MARKET.SURF hereinafter, “the Entity”, through this website presents and makes available to users a catalog of clothing products and accessories from different brands as well as a platform for the acquisition of these products and different channels of contact with the Entity.
The Entity, in its capacity as Data Controller, is committed to due diligence and compliance with the Data Protection regulations implemented through Regulation 2016/679 regarding the protection of natural persons with regard to the processing of personal data. and the free circulation of these data General Data Protection (RGPD) and Organic Law 3/2018 on Data Protection and Guarantee of Digital Rights (LOPDGDD).
In compliance with the foregoing, the confidentiality and Personal Data Protection policy applicable to the processing of personal data within the framework of its activity is set forth below.
> Identity: MARKET.SURF
> Nif / DNI: 45987568B
> Address: Carrer Baix 1, 3-4, 08221, Terrassa.
> E-mail: firstname.lastname@example.org
The Entity may collect personal data through the following channels:
> Directly from the interested parties: the personal data that the interested party provides directly when filling out a form to request information, open an account, make a purchase, as well as when requesting assistance by phone, contact us in any way.
The types of personal data that we may collect are identification data, contact information and payment information.
> Third parties: identification and contact data that users provide to our collaborators and points of sale of our Entity.
Purposes of the treatment
The Entity will process the data and information collected for the following purposes:
> Manage any type of request, suggestion or request for information made by interested persons about the products in our catalog / our company.
> Process your registration as a registered user and management of the private account.
> Manage the purchasing processes carried out by our clients, as well as manage the relationship they have with our Entity.
> Send informative and commercial communications: treatment of the email provided by the user in order to inform them about activities, articles of interest and general information related to our activity and the contracted products.
> Comply with legal provisions under official requirements.
For the good purpose and development of their care and management of the above purposes, the owner consents to the processing of their data for the above purposes, all under the strictest compliance with the Data Protection regulations and the policy that we are detailing. . At any time he may exercise his rights (see specific section).
Data retention criteria
> Management of requests and orders: we will keep personal data for as long as is necessary for the management of orders and requests. At the end of the relationship between the Entity and the client, the personal data will be kept in the cases that could derive responsibilities with the Entity and / or in compliance with other regulatory frameworks that are applicable to the Entity or a standard with rank of law that requires the conservation of these. The personal data will be kept in a way that allows the identification and exercise of the rights of those affected and, under the legal and organizational technical measures that are necessary to guarantee the confidentiality and integrity of these.
> Others: the rest of the data and information provided by the user by any means will be kept for as long as necessary to fulfill the purpose for which they were collected.
The legal bases that enable the Entity to be able to process the personal data of the interested parties are:
> The consent of the interested persons for the processing and management of any request for information or consultation about our products, as well as for the
> The execution of a contract in relation to the purchase of products.
> The legitimate interest to send you informative, commercial and / or promotional offers related to the activity of the Entity and its products, via email.
> A legal provision.
Personal data will not be transferred to any third party, except to those third parties whose intervention is necessary for the correct management of your order (carriers, financial institutions, payment service providers, etc.).
Likewise, your data may also be transferred to organizations and authorities.
Likewise, your data may also be transferred to public bodies and authorities (administrative or judicial) in those cases in which a legal norm so establishes it.
No international data transfers are made to third countries.
Right of Access, Rectification and Deletion: interested persons have the right to obtain confirmation as to whether the Entity is processing personal data that concerns them, or not. Interested persons have the right to access their personal data, as well as to request the rectification of inaccurate data or request its deletion when, among other reasons, the data is no longer necessary for the purposes for which it was collected.
Right to Limitation and Opposition: in certain circumstances, the interested parties may request the limitation of the processing of their data, in which case we will only keep them for the exercise or defense of claims. In certain circumstances and, for reasons related to their particular situation, the interested parties may object to the processing of their data. The Entity will stop processing the data in this case, except for compelling legitimate reasons, or for the exercise or defense of possible claims.
These rights may be exercised in our Data Protection Channel.
Data Protection Channel
The Entity has implemented a Communications and Complaints Channel where the relevant and necessary aspects of data protection are incorporated, considering the highest commitment, rigor and professionalism in terms of security, experience, independence and knowledge in the treatment of communications. received, incorporating the requirements contemplated in article 24 of the LOPDGDD for this type of channels.
The Data Protection Channel has been implemented through a web platform, developed and managed by an independent external expert to provide and guarantee our previous commitments.
Through the Data Protection Channel, you can communicate and process the exercise of your Rights (see previous section) and communicate any indication or knowledge that you have of possible security violations (gaps) and / or possible breaches or irregularities regarding the regulations of Data Protection or the present policy of the Entity.
Access data to the Data Protection Channel are detailed at the beginning of this policy.
Attention and support
Interested persons may communicate to the Entity any questions about the processing of their personal data or interpretation of our policy, by contacting the Data Protection Officer (RPD) at the email address indicated at the beginning of this policy.
Users can access this information at any time through the link provided on the web. Likewise, they may modify the preferences regarding the acceptance of cookies through the options of their browser.
What is a cookie?
A ‘Cookie’ is a small text file that a website stores in the user’s browser. Cookies facilitate the use and navigation of a web page and are essential for the functioning of the Internet, providing innumerable advantages with the provision of interactive services.
Cookies are used, for example, to manage the user’s session (reducing the number of times their password must be included), to improve the services offered, or to adapt the contents of a web page to their preferences.
Cookies can be ‘session’ cookies, by which they are swept once the user leaves the web page that generated them, or ‘persistent’, which remain on their computer until a certain date.
Likewise, cookies can be ‘own’, managed by the domain in which the user accesses and what a certain service requests (in this case the domains owned by the company) or ‘third-party cookies’, sent to the user’s computer. from a different domain than the one being accessed.
Type of cookies used on the web
Cookies for internal use (own)
The deactivation of these cookies, by blocking cookies in the browser options, may prevent the proper functioning of some of the website’s functionalities.
Purpose: To know if the user has agreed to continue browsing with cookies activated.
Cookie: Maintenance of the session on the website
Purpose: Allows you to save the language of the web user.
Analytical Cookies (from third parties)
This website uses analytical cookies to collect statistics on user activity when visiting the page and its general activity. The information collected is anonymous and makes it possible to optimize navigation on our website and guarantee the best service to the user. We use third-party cookies (Google Analytics) to analyze our website. The user can exclude their activity through the exclusion systems provided by the analytical tools.
Cookie: Google Analytics
Purpose: It collects anonymous information about the navigation of users through the website in order to know the origin of visitors and other similar statistical data.
Google Privacy Center: Link.
Google Analytics disabling center: Link.
At all times, and at least during the installation or launch of the browser, the user has the possibility of accepting or rejecting the installation of cookies, or rejecting the installation of a certain type of cookies, such as advertising cookies and from third parties. In addition, after each session you can delete all or some of the stored cookies. Likewise, the user can activate them.
1. Private browsing, through which your browser stops saving your browsing history, website passwords, cookies and other information on the pages you visit.
2. The do-not-track function, whereby the browser asks the websites you visit not to track your browsing habits, such as using advertising of interest to the places you visit.
We recommend that you consult the help of your browser to find out about the different options on how to manage cookies. Below we include the links to manage cookies in the most relevant browsers: